Securing Debian Manual

Total Page:16

File Type:pdf, Size:1020Kb

Securing Debian Manual Securing Debian Manual Javier Fernández-Sanguino Peña <[email protected]> ‘Authors’ on this page Version: 3.16, built on Sun, 08 Apr 2012 02:48:09 +0000 Abstract This document describes security in the Debian project and in the Debian operating system. Starting with the process of securing and hardening the default Debian GNU/Linux distribu- tion installation, it also covers some of the common tasks to set up a secure network environ- ment using Debian GNU/Linux, gives additional information on the security tools available and talks about how security is enforced in Debian by the security and audit team. Copyright Notice Copyright © 2002-2013 Javier Fernández-Sanguino Peña Copyright © 2001 Alexander Reelsen, Javier Fernández-Sanguino Peña Copyright © 2000 Alexander Reelsen Some sections are copyright © their respective authors, for details please refer to ‘Credits and thanks!’ on page 29. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 (http://www.gnu.org/licenses/ old-licenses/gpl-2.0.html) or any later version (http://www.gnu.org/copyleft/ gpl.html) published by the Free Software Foundation. It is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY. Permission is granted to make and distribute verbatim copies of this document provided the copyright notice and this permission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this document under the conditions for verbatim copying, provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this document into another lan- guage, under the above conditions for modified versions, except that this permission notice may be included in translations approved by the Free Software Foundation instead of in the original English. i Contents 1 Introduction 1 1.1 Authors...........................................1 1.2 Where to get the manual (and available formats)...................2 1.3 Organizational notes/feedback.............................3 1.4 Prior knowledge......................................3 1.5 Things that need to be written (FIXME/TODO)....................3 1.6 Changelog/History....................................6 1.6.1 Version 3.16 (January 2013)...........................6 1.6.2 Version 3.15 (December 2010)..........................7 1.6.3 Version 3.14 (March 2009)............................7 1.6.4 Version 3.13 (Februrary 2008)..........................7 1.6.5 Version 3.12 (August 2007)...........................8 1.6.6 Version 3.11 (January 2007)...........................8 1.6.7 Version 3.10 (November 2006)..........................9 1.6.8 Version 3.9 (October 2006)............................9 1.6.9 Version 3.8 (July 2006).............................. 10 1.6.10 Version 3.7 (April 2006)............................. 10 1.6.11 Version 3.6 (March 2006)............................. 10 1.6.12 Version 3.5 (November 2005).......................... 11 1.6.13 Version 3.4 (August-September 2005)..................... 12 1.6.14 Version 3.3 (June 2005).............................. 12 1.6.15 Version 3.2 (March 2005)............................. 12 1.6.16 Version 3.1 (January 2005)............................ 13 CONTENTS ii 1.6.17 Version 3.0 (December 2004)........................... 13 1.6.18 Version 2.99 (March 2004)............................ 14 1.6.19 Version 2.98 (December 2003).......................... 14 1.6.20 Version 2.97 (September 2003).......................... 15 1.6.21 Version 2.96 (August 2003)........................... 15 1.6.22 Version 2.95 (June 2003)............................. 15 1.6.23 Version 2.94 (April 2003)............................. 16 1.6.24 Version 2.93 (March 2003)............................ 16 1.6.25 Version 2.92 (February 2003).......................... 16 1.6.26 Version 2.91 (January/February 2003)..................... 16 1.6.27 Version 2.9 (December 2002)........................... 17 1.6.28 Version 2.8 (November 2002).......................... 17 1.6.29 Version 2.7 (October 2002)............................ 18 1.6.30 Version 2.6 (September 2002).......................... 18 1.6.31 Version 2.5 (September 2002).......................... 18 1.6.32 Version 2.5 (August 2002)............................ 18 1.6.33 Version 2.4..................................... 22 1.6.34 Version 2.3..................................... 22 1.6.35 Version 2.3..................................... 22 1.6.36 Version 2.2..................................... 23 1.6.37 Version 2.1..................................... 23 1.6.38 Version 2.0..................................... 23 1.6.39 Version 1.99.................................... 25 1.6.40 Version 1.98.................................... 25 1.6.41 Version 1.97.................................... 25 1.6.42 Version 1.96.................................... 25 1.6.43 Version 1.95.................................... 26 1.6.44 Version 1.94.................................... 26 1.6.45 Version 1.93.................................... 26 1.6.46 Version 1.92.................................... 26 1.6.47 Version 1.91.................................... 26 CONTENTS iii 1.6.48 Version 1.9..................................... 27 1.6.49 Version 1.8..................................... 27 1.6.50 Version 1.7..................................... 27 1.6.51 Version 1.6..................................... 28 1.6.52 Version 1.5..................................... 28 1.6.53 Version 1.4..................................... 28 1.6.54 Version 1.3..................................... 29 1.6.55 Version 1.2..................................... 29 1.6.56 Version 1.1..................................... 29 1.6.57 Version 1.0..................................... 29 1.7 Credits and thanks!.................................... 29 2 Before you begin 31 2.1 What do you want this system for?........................... 31 2.2 Be aware of general security problems......................... 31 2.3 How does Debian handle security?........................... 34 3 Before and during the installation 35 3.1 Choose a BIOS password................................. 35 3.2 Partitioning the system.................................. 35 3.2.1 Choose an intelligent partition scheme.................... 35 3.3 Do not plug to the Internet until ready......................... 37 3.4 Set a root password.................................... 38 3.5 Activate shadow passwords and MD5 passwords.................. 38 3.6 Run the minimum number of services required.................... 38 3.6.1 Disabling daemon services........................... 39 3.6.2 Disabling inetd or its services......................... 41 3.7 Install the minimum amount of software required.................. 41 3.7.1 Removing Perl.................................. 43 3.8 Read the Debian security mailing lists......................... 45 CONTENTS iv 4 After installation 47 4.1 Subscribe to the Debian Security Announce mailing list............... 47 4.2 Execute a security update................................ 48 4.2.1 Security update of libraries........................... 49 4.2.2 Security update of the kernel.......................... 49 4.3 Change the BIOS (again)................................. 51 4.4 Set a LILO or GRUB password............................. 51 4.5 Disable root prompt on the initramfs.......................... 52 4.6 Remove root prompt on the kernel........................... 52 4.7 Restricting console login access............................. 53 4.8 Restricting system reboots through the console.................... 54 4.9 Restricting the use of the Magic SysRq key...................... 55 4.10 Mounting partitions the right way........................... 55 4.10.1 Setting /tmp noexec............................... 57 4.10.2 Setting /usr read-only.............................. 57 4.11 Providing secure user access............................... 57 4.11.1 User authentication: PAM............................ 57 4.11.2 Limiting resource usage: the limits.conf file............... 61 4.11.3 User login actions: edit /etc/login.defs ................. 63 4.11.4 User login actions: edit /etc/pam.d/login ................ 64 4.11.5 Restricting ftp: editing /etc/ftpusers ................... 65 4.11.6 Using su...................................... 65 4.11.7 Using sudo.................................... 66 4.11.8 Disallow remote administrative access..................... 66 4.11.9 Restricting users’s access............................ 66 4.11.10 User auditing................................... 67 4.11.11 Reviewing user profiles............................. 69 4.11.12 Setting users umasks............................... 69 4.11.13 Limiting what users can see/access...................... 70 4.11.14 Generating user passwords........................... 71 4.11.15 Checking user passwords............................ 72 CONTENTS v 4.11.16 Logging off idle users.............................. 72 4.12 Using tcpwrappers.................................... 73 4.13 The importance of logs and alerts............................ 74 4.13.1 Using and customizing logcheck ....................... 75 4.13.2 Configuring where alerts are sent....................... 76 4.13.3 Using a loghost.................................. 76 4.13.4 Log file permissions............................... 77 4.14 Adding kernel patches.................................. 77
Recommended publications
  • MASTERCLASS GNUPG MASTERCLASS You Wouldn’T Want Other People Opening Your Letters and BEN EVERARD Your Data Is No Different
    MASTERCLASS GNUPG MASTERCLASS You wouldn’t want other people opening your letters and BEN EVERARD your data is no different. Encrypt it today! SECURE EMAIL WITH GNUPG AND ENIGMAIL Send encrypted emails from your favourite email client. our typical email is about as secure as a The first thing that you need to do is create a key to JOHN LANE postcard, which is good news if you’re a represent your identity in the OpenPGP world. You’d Ygovernment agency. But you wouldn’t use a typically create one key per identity that you have. postcard for most things sent in the post; you’d use a Most people would have one identity, being sealed envelope. Email is no different; you just need themselves as a person. However, some may find an envelope – and it’s called “Encryption”. having separate personal and professional identities Since the early 1990s, the main way to encrypt useful. It’s a personal choice, but starting with a single email has been PGP, which stands for “Pretty Good key will help while you’re learning. Privacy”. It’s a protocol for the secure encryption of Launch Seahorse and click on the large plus-sign email that has since evolved into an open standard icon that’s just below the menu. Select ‘PGP Key’ and called OpenPGP. work your way through the screens that follow to supply your name and email address and then My lovely horse generate the key. The GNU Privacy Guard (GnuPG), is a free, GPL-licensed You can, optionally, use the Advanced Key Options implementation of the OpenPGP standard (there are to add a comment that can help others identify your other implementations, both free and commercial – key and to select the cipher, its strength and set when the PGP name now refers to a commercial product the key should expire.
    [Show full text]
  • IBM Multi-Factor Authentication for Z/OS
    Multi Factor Authentication for Linux on IBM Z using a centralized z/OS LDAP infrastructure Dr. Manfred Gnirss Thomas Wienert Z ATS IBM Systems IBM Germany R & D Boeblingen, 18.7.2018 © 2018 IBM Corporation 2 Trademarks The following are trademarks of the International Business Machines Corporation in the United States, other countries, or both. Not all common law marks used by IBM are listed on this page. Failure of a mark to appear does not mean that IBM does not use the mark nor does it mean that the product is not actively marketed or is not significant within its relevant market. Those trademarks followed by ® are registered trademarks of IBM in the United States; all others are trademarks or common law marks of IBM in the United States. For a complete list of IBM Trademarks, see www.ibm.com/legal/copytrade.shtml: *BladeCenter®, DB2®, e business(logo)®, DataPower®, ESCON, eServer, FICON, IBM®, IBM (logo)®, MVS, OS/390®, POWER6®, POWER6+, POWER7®, Power Architecture®, PowerVM®, S/390®, System p®, System p5, System x®, System z®, System z9®, System z10®, WebSphere®, X-Architecture®, zEnterprise, z9®, z10, z/Architecture®, z/OS®, z/VM®, z/VSE®, zSeries® The following are trademearks or registered trademarks of other companies. Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries. Cell Broadband Engine is a trademark of Sony Computer Entertainment, Inc. in the United States, other countries, or both and is used under license therefrom. Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc.
    [Show full text]
  • Address Space Layout Permutation (ASLP): Towards Fine-Grained Randomization of Commodity Software
    Address Space Layout Permutation (ASLP): Towards Fine-Grained Randomization of Commodity Software Chongkyung Kil,∗ Jinsuk Jun,∗ Christopher Bookholt,∗ Jun Xu,† Peng Ning∗ Department of Computer Science∗ Google, Inc.† North Carolina State University {ckil, jjun2, cgbookho, pning}@ncsu.edu [email protected] Abstract a memory corruption attack), an attacker attempts to alter program memory with the goal of causing that program to Address space randomization is an emerging and behave in a malicious way. The result of a successful at- promising method for stopping a broad range of memory tack ranges from system instability to execution of arbitrary corruption attacks. By randomly shifting critical memory code. A quick survey of US-CERT Cyber Security Alerts regions at process initialization time, address space ran- between mid-2005 and 2004 shows that at least 56% of the domization converts an otherwise successful malicious at- attacks have a memory corruption component [24]. tack into a benign process crash. However, existing ap- Memory corruption vulnerabilities are typically caused proaches either introduce insufficient randomness, or re- by the lack of input validation in the C programming lan- quire source code modification. While insufficient random- guage, with which the programmers are offered the free- ness allows successful brute-force attacks, as shown in re- dom to decide when and how to handle inputs. This flex- cent studies, the required source code modification prevents ibility often results in improved application performance. this effective method from being used for commodity soft- However, the number of vulnerabilities caused by failures ware, which is the major source of exploited vulnerabilities of input validation indicates that programming errors of this on the Internet.
    [Show full text]
  • Security Enhancements in Red Hat Enterprise Linux (Beside Selinux)
    Security Enhancements in Red Hat Enterprise Linux (beside SELinux) Ulrich Drepper Red Hat, Inc. [email protected] December 9, 2005 Abstract Bugs in programs are unavoidable. Programs developed using C and C++ are especially in danger. If bugs cannot be avoided the next best thing is to limit the damage. This article will show improvements in Red Hat Enterprise Linux which achieve just that. 1 Introduction These problems are harder to protect against since nor- mally2 all of the OS’s functionality is available and the Security problems are one of the biggest concerns in the attacker might even be able to use self-compiled code. industry today. Providing services on networked comput- ers which are accessible through the intranet and/or Inter- Remotely exploitable problems are more serious since net potentially to untrusted individuals puts the installa- the attacker can be anywhere if the machine is available tion at risk. A number of changes have been made to the through the Internet. On the plus side, only applications Linux OS1 which help a lot to mitigate the risks. Up- accessible through the network services provided by the coming Red Hat Enterprise Linux versions will feature machine can be exploited, which limits the range of ex- the SELinux extensions, originally developed by the Na- ploits. Further limitations are the attack vectors. Usually tional Security Agency (NSA), with whom Red Hat now remote attackers can influence applications only by pro- collaborates to productize the developed code. SELinux viding specially designed input. This often means cre- means a major change in Linux and is a completely sep- ating buffer overflows, i.e., situations where the data is arate topic by itself.
    [Show full text]
  • Securing Email Through Online Social Networks
    SECURING EMAIL THROUGH ONLINE SOCIAL NETWORKS Atieh Saberi Pirouz A thesis in The Department of Concordia Institute for Information Systems Engineering (CIISE) Presented in Partial Fulfillment of the Requirements For the Degree of Master of Applied Science (Information Systems Security) at Concordia University Montreal,´ Quebec,´ Canada August 2013 © Atieh Saberi Pirouz, 2013 Concordia University School of Graduate Studies This is to certify that the thesis prepared By: Atieh Saberi Pirouz Entitled: Securing Email Through Online Social Networks and submitted in partial fulfillment of the requirements for the degree of Master of Applied Science (Information Systems Security) complies with the regulations of this University and meets the accepted standards with respect to originality and quality. Signed by the final examining commitee: Dr. Benjamin C. M. Fung Chair Dr. Lingyu Wang Examiner Dr. Zhenhua Zhu Examiner Dr. Mohammad Mannan Supervisor Approved Chair of Department or Graduate Program Director 20 Dr. Christopher Trueman, Dean Faculty of Engineering and Computer Science Abstract Securing Email Through Online Social Networks Atieh Saberi Pirouz Despite being one of the most basic and popular Internet applications, email still largely lacks user-to-user cryptographic protections. From a research perspective, designing privacy preserving techniques for email services is complicated by the re- quirement of balancing security and ease-of-use needs of everyday users. For example, users cannot be expected to manage long-term keys (e.g., PGP key-pair), or under- stand crypto primitives. To enable intuitive email protections for a large number of users, we design Friend- lyMail by leveraging existing pre-authenticated relationships between a sender and receiver on an Online Social Networking (OSN) site, so that users can send secure emails without requiring direct key exchange with the receiver in advance.
    [Show full text]
  • Telecom Sud Paris
    Sécurité des OS et des systèmes Telecom Sud Paris Aurélien Wailly, Emmanuel Gras Amazon Dublin ANSSI Paris 2 Juin 2017 Présentation des intervenants Emmanuel Gras I Agence nationale de la sécurité des systèmes d’information depuis trop longtemps I Bureau inspections en SSI I http://pro.emmanuelgras.com I [email protected] Aurélien Wailly I Amazon depuis 2 ans I Thèse : End-to-end Security Architecture and Self-Protection Mechanisms for Cloud Computing Environments I Sécurité OS, reverse-engineering, réponse à incidents I http://aurelien.wail.ly I [email protected] A. Wailly, E. Gras (Amazon / ANSSI) Sécurité des OS et des systèmes 2 Juin 2017 2 / 259 Sécurité des sysèmes et des OS Objectifs I Fonctionnement des OS modernes, notamment du point de vue de la sécurité I Failles, exploitation, compromission I Dans le domaine de la sécurité, il est indispensable de comprendre comment marche un système pour l’exploiter Cibles I Linux, les principes restent valables pour les UNIX I Windows A. Wailly, E. Gras (Amazon / ANSSI) Sécurité des OS et des systèmes 2 Juin 2017 3 / 259 Plan 1 Introduction 2 OS, CPU et sécurité 3 Mémoire, segmentation et pagination (et sécurité !) 4 Sécurité des utilisateurs - UNIX 5 Sécurité des utilisateurs - Windows 6 Analyse de binaires - Concepts et outils 7 Failles applicatives 8 Protection des OS A. Wailly, E. Gras (Amazon / ANSSI) Sécurité des OS et des systèmes 2 Juin 2017 4 / 259 Votre OS ? www.dilbert.com/ A. Wailly, E. Gras (Amazon / ANSSI) Sécurité des OS et des systèmes 2 Juin 2017 5 / 259 Ce qui ne sera pas abordé La sécurité est un sujet vaste ! Réseau Virus et malwares Techniques logicielles avancées I Shellcoding poussé I Protection logicielle Exploitation Web I Cross Site Scripting I Injections SQL A.
    [Show full text]
  • Digital Security for Activists
    Training the Motivated: Digital Security for Activists Glencora Borradaile Kelsy Kretschmer Abstract School of Electrical Engineering School of Public Policy The state of global surveillance and the political and Computer Science Sociology Program environment has many activists caring more about their Oregon State University Oregon State University online security culture. We report on the initiation of a Corvallis, OR 97331, USA Corvallis, OR 97331, USA Digital Security for Activists program and a pilot study of an [email protected] [email protected] introductory seminar. Pre- and post-surveys of the seminar will form an initial assessment of what kind of intervention might increase the security practices of activists and to inform the design of program offerings. We report on the pre-surveys from three offerings of the seminar. Introduction In collaboration with the Civil Liberties Defense Center (CLDC), the first author had been offering informal digital security trainings for activists and their lawyers. After the fall elections in the U.S., requests for these trainings increased dramatically and shortly thereafter we launched a Digital Security for Activists (DSA) program. The DSA program’s intent is to align with the CLDC mission (“to defend and uphold civil liberties through education, outreach, litigation, legal support, and assistance”) and enable citizen activists to assert their constitutional rights while organizing online. Copyright is held by the author/owner. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee. Poster In order to provide trainings that are useful and effective, we presented at the 13th Symposium on Usable Privacy and Security (SOUPS 2017).
    [Show full text]
  • Linux-Professional-Institute-LPI-303
    LPIC-3: Linux Enterprise Professional Certification LPIC-3 303: Security LPIC-3 is a professional certification program program that covers enterprise Linux specialties. LPIC-3 303 covers administering Linux enterprise-wide with an emphasis on Security. To become LPIC-3 certified, a candidate with an active LPIC-1 and LPIC-2 certification must pass at least one of the following specialty exams. Upon successful completion of the requirements, they will be entitled to the specialty designation: LPIC-3 Specialty Name. For example, LPIC-3 Virtualization & High Availability. Specialties: • 300: Mixed Environment • 303: Security • 304: Virtualization and High Availability TOPIC 325: CRYPTOGRAPHY • Configure Apache HTTPD with mod_ssl to that performs DNSSEC validation on behalf of 325.1 X.509 Certificates and Public Key provide HTTPS service, including SNI and its clients Infrastructures (5) HSTS • Key Signing Key, Zone Signing Key, Key Tag Candidates should understand X.509 certificates • Configure Apache HTTPD with mod_ssl to • Key generation, key storage, key management and public key infrastructures. They should know authenticate users using certificates and key rollover how to configure and use OpenSSL to implement • Configure Apache HTTPD with mod_ssl to • Maintenance and re-signing of zones certification authorities and issue SSL certificates provide OCSP stapling • Use DANE to publish X.509 certificate for various purposes. • Use OpenSSL for SSL/TLS client and server information in DNS Key knowledge areas: tests • Use TSIG for secure communication with BIND • Understand X.509 certificates, X.509 certificate 325.3 Encrypted File Systems (3) TOPIC 326: HOST SECURITY lifecycle, X.509 certificate fields and X.509v3 Candidates should be able to setup and 326.1 Host Hardening (3) certificate extensions configure encrypted file systems.
    [Show full text]
  • Gnu Privacy Guard (Gnupg) Mini Howto (English)
    Gnu Privacy Guard (GnuPG) Mini Howto (English) Brenno J.S.A.A.F. de Winter (English) <brenno@dew int er . com> Michael Fischer v. Mollard (German) <f i s cher @math .uni- goettingen. de> Arjen Baart <arj en@andromeda .nl> Version 0.1.4 August 10, 2004 This documents explains how to use the GNU Privacy Guard (GnuPG), an Open Source OpenPGP compatible encryption system To keep this program totally free the use of the RSA algorithm and other patented algorithm has been avoided. The document was originally written by Michael Fischer v. Mollar in German. The text has been translated and adjusted on some points and cannot be considered as a full one-on-one copy. Contents 1 Concepts 2 1.1 Public Key Encryption .............................................................................................................................................. 2 1.2 Digital Signatures ..................................................................................................................................................... 3 1.3 Web of trust .............................................................................................................................................................. 3 1.4 Boundaries to security .............................................................................................................................................. 3 2 Installation 4 2.1 Sources for GnuPG. .................................................................................................................................................
    [Show full text]
  • 6.2 Release Notes
    Red Hat Enterprise Linux 6 6.2 Release Notes Release Notes for Red Hat Enterprise Linux 6.2 Edition 2 Last Updated: 2017-10-24 Red Hat Enterprise Linux 6 6.2 Release Notes Release Notes for Red Hat Enterprise Linux 6.2 Edition 2 Red Hat Engineering Content Services Legal Notice Copyright © 2011 Red Hat, Inc. This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries. Node.js ® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
    [Show full text]
  • Online Self Defense – Black Belt Level
    Online Self Defense – Black Belt Level Review - White Belt Level 1.Do your updates 2.Use good antivirus/antimalware software 3.A long password is a strong password 4.Be suspicious of all emails, particularly those asking you to click on links, or that have attachments. Review – Yellow Belt 1.Always verify t!at you are on the we#site you mean to be 2.$et #rowser to more secure settings 3.Use privacy enhancing browser plugins 4.$can everything you download %.Only download programs from the official we#site Review - Green Belt Level ● (nformation is the currency of the internet ● )rivacy has finincial as well as ethical implications ● *a"e sure that your connection is encrypted +,--)$. ● Anonymizing we# proxies can help ● 1)Ns are better ● -or Browser is even better Review – Brown Belt Level 1.Unencrypted email is like sending a postcard instead of a letter 2.-o encrypt email use *ozilla -!under#ird with the 3nigmail plugin 3.-o encrypt chat use Pidgin with the OTR plugin Threat Modeling Decide what your most likely t!reats and plan your defense based on the following questions. 1. What is the most vulnerable/exploitable? 2. What is the most valuable? 3.How can I mitigate my vulnerabilities? 4. What can I o to limit amage i! an attac" is success!ul? Segregation of Identity ● Limit ability of a t!ird party to connect di'erent aspects of your life. 7or e0ample casual we# #rowsing and !ome #anking. ● 8roup activities wit! similar security re5uirements. ● Be self disciplined a#out t!is segregation.
    [Show full text]
  • Hot Topics in Computer Security
    Hot Topics in Computer Security Iliano Cervesato http://www.qatar.cmu.edu/iliano Andrew’s Leap June 30, 2010 Outline Let’s play a security game Cryptographic protocols Where did this guy say he’s from? 1 Here is the game Threat “Someone can break into my apartment and steal or destroy my stuff” Attacks and countermeasures I have a basic protection, but worse things can happen, help me to find what and how to mitigate them 2 My apartment’s basic protection Classic wooden door with a 3 points lock On the balcony (2nd floor), PVC windows with a single point lock 3 But … what’s in my apartment? $299 $89 4 What do we learn from the game You never prevent a threat .... you lower the risk! Performing an attack has a cost It's a balance between . the assets that you want to protect . the efforts an attacker will make Deploying a countermeasure has a cost It's a balance between . the cost of recovering from the attack . the cost of a deploying a protection mechanism 5 But keep in mind ... Security should always serves the business and not constrains it, otherwise ... nobody will invest in it or will be disable to be more efficient What is your definition of the risk analysis for computer science? 6 Now you know ... Marketing guy: “My software is totally secure!” You: “Oh really? Against what?” Your boss: “Design my information system and make it secure!” You: “tell me what you want to protect and let's talk together about ... potential threats .
    [Show full text]